Once the API was successfully added and configured, you can trigger ArmourZero's API Scan to scan and find weaknesses and vulnerabilities on the API and it's endpoints. Depending on your subscribed plan, you can trigger multiple scans at the same time. However the time to complete the scan depending on the size of API and it's endpoints.
You must first add API and configure its endpoints before scan is activated.
Trigger API scan
1. Go to left menu and select "API" under VULNERABILITY SCANNER section. All successful added API will be listed here.
2. Click on the three dots action icon on the domain you intend to scan.
3. Select Scan Now, the scan will start immediately.
Notes:
Depending on your plan, you can add more than 1 API to scan at the same time.
The time to complete the scan depending on the size of API and its endpoints. You can view the scanned results once the scan is completed.
As this scan is a penetration assessment tool, simulating real-time attack to find weaknesses and vulnerabilities, each scan have to trigger on-demand.